IDMS must enforce applicable access control policies, even after a user successfully signs on to CV.
An XCCDF Rule
Description
<VulnDiscussion>Unless the DBMS is secured properly, there are innumerable ways that a system and its data can be compromised. The IDMS SRTT is the basis for mitigating these problems.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-251585r960792_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
Secure the desired resources by updating RHDCSRTT adding #SECRTT TYPE=ENTRY and TYPE=OCCURRENCE statements as needed. For example:
#SECRTT TYPE=ENTRY, X
RESTYPE=resource, X
SECBY=EXTERNAL, X
EXTCLS='CA@IDMS', X